Mallory

Geopolitical Risks Elevate Threats to Cyber-Physical Systems and OT Supply Chains

Tags: cyber-physical, threats, critical systems, vulnerabilities, geopolitical, supply chain, operational technology, security, risk management, CPS, hardware, sourcing, sanctions, civil unrest

Updated November 5, 2025 at 03:01 AM | 2 sources

Claroty researchers have warned that global conflicts, civil unrest, and tariff wars are significantly increasing the risks facing cyber-physical systems, particularly those underpinning critical infrastructure and operational technology (OT). According to the Global State of CPS Security 2025 report, attackers are expected to exploit vulnerabilities introduced by disrupted supply chains, with predictions that at least one major cyber-physical breach will occur within the next year. The instability in sourcing, manufacturing, and delivery of hardware and software components—driven by geopolitical tensions—has forced organizations to rely on new or less-vetted vendors, heightening the risk of unknown vulnerabilities in OT, building management, and healthcare systems.

Experts emphasize that changes in supply chain geography and sourcing, often resulting from trade restrictions and sanctions, can undermine the integrity and security of critical systems. The report, based on a global survey of 1,100 cybersecurity professionals, highlights the urgent need for organizations to reassess their risk management strategies and strengthen supply chain security to mitigate the evolving threat landscape. The convergence of geopolitical instability and fragile supply chains is creating new opportunities for cyber adversaries to target essential infrastructure worldwide.

Sources

November 4, 2025 at 12:00 AM

Related Stories

Escalating Threats to Critical Infrastructure from Geopolitical and Cyber Actors

Cybersecurity experts warn that attacks targeting critical infrastructure are expected to intensify, with a particular focus on operational technology (OT) systems. The evolving threat landscape is being shaped by geopolitical tensions, with state actors, criminal groups, and hacktivists increasingly seeking to cause physical disruption and damage, rather than merely stealing sensitive information. Experts highlight that hybrid warfare tactics are becoming more frequent, and the convergence of cyber and kinetic operations is reaching a critical inflection point for infrastructure security. Industry leaders and analysts predict that future attacks will closely follow geopolitical conflicts, making critical infrastructure a prime target in both cyber and physical domains. The discussions emphasize the need for organizations to reassess their risk management strategies and bolster defenses across multiple domains to address the growing sophistication and intent of adversaries targeting essential services and national assets.

2 months ago

Regulatory Uncertainty in OT Security Due to Third-Party Risk

Critical infrastructure providers are facing increased cybersecurity challenges stemming from third-party risks, which are driving regulatory uncertainty in the operational technology (OT) sector. According to a global survey by Claroty, 69% of cybersecurity professionals claim to closely follow existing cybersecurity standards, yet 76% anticipate that new regulations will force them to significantly overhaul their current security strategies. This disconnect highlights confusion and concern about the direction and impact of forthcoming regulatory requirements for cyber-physical systems. The survey, which included 1,100 cybersecurity professionals, revealed that nearly half of organizations with cyber-physical systems experienced breaches in the past year due to third-party access. Additionally, 54% of respondents reported finding security gaps or weaknesses in vendor contracts after an incident had occurred. These findings underscore the urgent need for improved third-party risk management and clearer regulatory guidance to protect critical infrastructure from evolving threats.

4 months ago

Expanding Cyber Risk Across Connected Assets and Supply Chains

Organizations are facing a rapidly evolving cyber risk landscape as the boundaries between IT, operational technology (OT), Internet of Things (IoT), and supply chain systems blur. The proliferation of connected devices, such as cameras, badge readers, HVAC systems, and factory controllers, has significantly increased the attack surface for enterprises. Business demands have driven the integration of IT, OT, and IoT, enabling telemetry to inform analytics and automation, but also concentrating dependencies on critical control planes like cloud consoles and APIs. This interconnectedness means that a single compromised identity provider, software updater, or remote management tool can serve as a single point of failure, potentially impacting thousands of endpoints and critical business processes. Security leaders emphasize the importance of maintaining a living inventory of assets, applying least privilege principles, and segmenting networks by function and criticality to mitigate these risks. Unknown or unmanaged devices should be treated as unsafe until proven otherwise, and where devices lack robust security features, organizations are advised to broker connections through secure gateways. The challenge is compounded by resource constraints and the long lifecycles of many IoT and OT devices, which often cannot be easily updated or replaced. The expansion of cyber risk also extends to the supply chain, where third-party vendors, contractors, and service providers can become entry points for attackers. Recent high-profile breaches have demonstrated that adversaries exploit trusted relationships to infiltrate organizations, with the fallout often affecting the victim company regardless of where the breach originated. This complexity is frequently invisible to the public and regulators, leading to reputational damage and loss of narrative control for affected organizations. 
Effective cyber readiness now requires extensive preparation, including scenario exercises, communication planning, and training to operate under pressure. The shift from endpoint-centric to control plane-centric risk management reflects the need to address the realities of modern, interconnected business environments. Organizations must adopt an "assume breach" mindset and focus on resilience and recovery planning, not just prevention. The evolving threat landscape demands that security strategies account for the full spectrum of connected assets and the intricate web of dependencies that define today's enterprises. As the definition of cyber risk continues to expand, so too must the approaches to visibility, segmentation, and incident response. Ultimately, the ability to manage and recover from cyber incidents hinges on preparation, visibility, and the recognition that every connected asset and relationship represents a potential risk vector.

4 months ago
